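/**
 * Query the session list.
 *
 * Every returned row also gets a `count` entry holding the number of
 * session_user rows that reference the session.
 *
 * SECURITY: $con and $field are concatenated into the SQL text verbatim.
 * Callers must assemble them from constants or already-validated values and
 * must never pass request data through unchanged.
 *
 * @param string $con   WHERE clause body (raw SQL fragment)
 * @param string $field Column list to select; defaults to all columns
 * @param string $key   Column whose value becomes the key of each returned row;
 *                      when empty the result is a plain list
 * @return array Rows read from the session table
 */
function session_list($con, $field = '*', $key = '')
{
    $sql = 'SELECT ' . $field . ' FROM ' . DB_PREFIX . 'session WHERE ' . $con;
    $q = $this->db->query($sql);
    $ret = array();
    while ($row = $this->db->fetch_array($q)) {
        $row['title'] = hg_clean_value($row['title']);

        // Cast before concatenating: the id is placed unquoted into the next
        // statement, and it is absent when $field does not select it.
        $group_id = isset($row['id']) ? intval($row['id']) : 0;
        $sqls = 'SELECT COUNT(*) as total FROM ' . DB_PREFIX . 'session_user WHERE session_id=' . $group_id;
        $count = $this->db->query($sqls);
        while ($r = $this->db->fetch_array($count)) {
            $row['count'] = $r['total'];
        }

        // NOTE(review): unserialize() on a stored column can instantiate objects
        // if the value was ever writable by a user. Confirm the writer of
        // last_uavatar, or migrate the column to JSON.
        if (isset($row['last_uavatar'])) {
            $row['last_uavatar'] = $row['last_uavatar'] ? unserialize($row['last_uavatar']) : array();
        }

        if ($key) {
            $ret[$row[$key]] = $row;
        } else {
            $ret[] = $row;
        }
    }
    return $ret;
}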
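/**
 * Load one contribute record joined with its contribute_content row.
 *
 * @param mixed $id Record id; cast to an integer before it reaches the query
 * @return array|false The row with status_text, content_image and column_path
 *                     post-processed; false when $id is empty or no row matches
 */
public function detail($id = '')
{
    if (!$id) {
        return false;
    }

    // The id may arrive straight from request input, so it is cast instead of
    // being concatenated as-is.
    // NOTE(review): assumes contribute.id is an integer key; confirm against the schema.
    $sql = "SELECT *,c.id as id FROM " . DB_PREFIX . "contribute c LEFT JOIN " . DB_PREFIX . "contribute_content cc ON c.id=cc.id WHERE c.id = '" . intval($id) . "'";
    $info = $this->db->query_first($sql);
    if (!$info) {
        // No matching row: report it instead of returning a half-built array
        // that callers would treat as a real record.
        return false;
    }

    // Per-field formatting of the raw row, e.g. date('Y-m-d', TIMENOW).
    $info['status_text'] = $this->settings['general_publish_status'][$info['status']];
    // NOTE(review): unserialize() on a stored column can instantiate objects if
    // the value was ever writable by a user. Confirm the writer of
    // content_image, or migrate the column to JSON.
    $info['content_image'] = unserialize($info['content_image']);
    $info['column_path'] = html_entity_decode(hg_clean_value($info['column_path']));
    return $info;
}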
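/**
 * Display the specified resource.
 *
 * The record id is read from $this->input['id']; the method takes no
 * arguments. Nothing is emitted when the id is missing or the lookup returns
 * no record.
 *
 * @return void
 */
public function detail()
{
    if (empty($this->input['id'])) {
        return;
    }

    $ret = $this->mode->detail($this->input['id']);
    // Check the lookup result before touching it; writing $ret['content'] first
    // would turn a failed lookup into a non-empty array and output it.
    if (!$ret) {
        return;
    }

    // NOTE(review): html_entity_decode() turns stored entities back into markup.
    // If consumers render this field as HTML, confirm it is sanitised at that point.
    $ret['content'] = html_entity_decode(hg_clean_value($ret['content']));
    $this->addItem($ret);
    $this->output();
}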
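/**
 * Build the WHERE-clause tail for the list query.
 *
 * Filters: keyword, time range, state, title, publish time, image,
 * attachment, video. Every request value that ends up in the SQL text is
 * either cast to an integer or escaped at the point of concatenation.
 *
 * @name get_condition
 * @access private
 * @category hogesoft
 * @copyright hogesoft
 * @return string SQL fragment made of " AND ..." terms; ends with
 *                " GROUP BY a.id" when pub_column_id is supplied
 */
private function get_condition()
{
    $condition = '';

    // Saved search tag: copy its stored values over the request input.
    if ($this->input['searchtag_id']) {
        $searchtag = $this->searchtag_detail(intval($this->input['searchtag_id']));
        foreach ((array) $searchtag['tag_val'] as $k => $v) {
            if (in_array($k, array('_id'))) {
                // Keep the category picked in the left sidebar effective.
                continue;
            }
            $this->input[$k] = hg_clean_value($v);
        }
    }

    // ---- Permission scoping (controls which rows are visible) ----
    if ($this->user['group_type'] > MAX_ADMIN_TYPE) {
        if (!$this->user['prms']['default_setting']['show_other_data']) {
            $condition .= ' AND user_id = ' . $this->user['user_id'];
        } else {
            // Within the organisation.
            // NOTE(review): the guard tests slave_group but the clause uses
            // slave_org; confirm both are always populated together.
            if ($this->user['prms']['default_setting']['show_other_data'] == 1 && $this->user['slave_group']) {
                $condition .= ' AND org_id IN(' . $this->user['slave_org'] . ')';
            }
        }
        if ($authnode = $this->user['prms']['app_prms'][APP_UNIQUEID]['nodes']) {
            $authnode_str = $authnode ? implode(',', $authnode) : '';
            if ($authnode_str === '0') {
                $condition .= ' AND a.sort_id IN(' . $authnode_str . ')';
            }
            if ($authnode_str && $authnode_str != -1) {
                // Append the cast value, not the raw input: the truthiness test
                // on intval() alone does not make the raw string numeric.
                $authnode_str = intval($this->input['_id']) ? $authnode_str . ',' . intval($this->input['_id']) : $authnode_str;
                $sql = 'SELECT id,childs FROM ' . DB_PREFIX . 'sort WHERE id IN(' . $authnode_str . ')';
                $query = $this->db->query($sql);
                $authnode_array = array();
                while ($row = $this->db->fetch_array($query)) {
                    $authnode_array[$row['id']] = explode(',', $row['childs']);
                }
                $authnode_str = '';
                // Defined up front so array_intersect() below always receives an array.
                $node_father_array = array();
                foreach ($authnode_array as $node_id => $n) {
                    if ($node_id == intval($this->input['_id'])) {
                        $node_father_array = $n;
                        if (!in_array(intval($this->input['_id']), $authnode)) {
                            continue;
                        }
                    }
                    $authnode_str .= implode(',', $n) . ',';
                }
                // NOTE(review): the original selected between two forms with a
                // constant TRUE condition, so '0' was always appended; that
                // behaviour is kept. Confirm sort_id 0 should always be visible.
                $authnode_str = $authnode_str . '0';
                if (!$this->input['_id']) {
                    $condition .= ' AND a.sort_id IN(' . $authnode_str . ')';
                } else {
                    $authnode_array = explode(',', $authnode_str);
                    if (!in_array($this->input['_id'], $authnode_array)) {
                        if (!($auth_child_node_array = array_intersect($node_father_array, $authnode_array))) {
                            $this->errorOutput(NO_PRIVILEGE);
                        }
                        $condition .= ' AND a.sort_id IN(' . implode(',', $auth_child_node_array) . ')';
                    }
                }
            }
        }
    }
    if ($this->input['_id']) {
        $sql = "SELECT childs FROM " . DB_PREFIX . "sort WHERE id = " . intval($this->input['_id']);
        $ret = $this->db->query_first($sql);
        $condition .= " AND a.sort_id in (" . $ret['childs'] . ")";
    }
    // ---- End of permission scoping ----

    if ($this->input['max_id']) {
        $condition .= " AND a.id >" . intval($this->input['max_id']);
    }

    // Keyword search on the title.
    if ($this->input['key']) {
        // Escape LIKE wildcards so they are matched literally.
        if (stripos($this->input['key'], '_') !== FALSE) {
            $this->input['key'] = addcslashes($this->input['key'], '_');
        }
        if (stripos($this->input['key'], '%') !== FALSE) {
            $this->input['key'] = addcslashes($this->input['key'], '%');
        }
        if ($this->input['key'] == '#') {
            // Parenthesised on purpose: a bare OR binds looser than every AND
            // before it, which would take titles starting with '#' out of the
            // permission filters built above.
            $condition .= " AND (a.title REGEXP '[^&]#' OR a.title LIKE '#%') ";
        } else {
            $condition .= " AND a.title LIKE '%" . addslashes(trim($this->input['key'])) . "%' ";
        }
    }

    // String filters are escaped the same way as the keyword above.
    // NOTE(review): addslashes() is not charset-aware; prefer the database
    // layer's own escaping or bound parameters if it offers them.
    if ($this->input['user_name']) {
        $condition .= " AND a.user_name = '" . addslashes(trim($this->input['user_name'])) . "' ";
    }
    if ($this->input['author']) {
        $condition .= " AND a.author = '" . addslashes(trim($this->input['author'])) . "'";
    }

    // Category filter.
    if ($this->input['sort_id'] && $this->input['sort_id'] != -1) {
        $condition .= " AND a.sort_id = '" . intval($this->input['sort_id']) . "'";
    }
    if ($this->input['para']) {
        $condition .= " AND a.para = '" . intval($this->input['para']) . "'";
    }

    // Same start and end value with no time-of-day part: widen to the whole day.
    // Guarded on a non-empty start_time so an absent range is not rewritten
    // into a 1970 date range.
    if ($this->input['start_time'] && $this->input['start_time'] == $this->input['end_time']) {
        $his = date('His', strtotime($this->input['start_time']));
        if (!intval($his)) {
            $this->input['start_time'] = date('Y-m-d', strtotime($this->input['start_time'])) . ' 00:00';
            $this->input['end_time'] = date('Y-m-d', strtotime($this->input['end_time'])) . ' 23:59';
        }
    }

    // Creation time, lower bound. intval() keeps the SQL well-formed when
    // strtotime() cannot parse the value and returns false.
    $start_time = 0;
    if ($this->input['start_time']) {
        $start_time = intval(strtotime($this->input['start_time']));
        $condition .= " AND a.create_time > " . $start_time;
    }

    // Creation time, upper bound.
    if ($this->input['end_time']) {
        $end_time = intval(strtotime($this->input['end_time']));
        $condition .= " AND a.create_time < " . $end_time;
        $start_time > $end_time && $this->errorOutput('搜索开始时间不能大于结束时间');
    }

    // Weight range. The values are placed unquoted into the SQL, so they are cast.
    // NOTE(review): assumes weights are integers; confirm against the schema.
    if ($this->input['start_weight'] && $this->input['start_weight'] != -1) {
        $condition .= " AND a.weight >= " . intval($this->input['start_weight']);
    }
    if ($this->input['end_weight'] && $this->input['end_weight'] != -1) {
        $condition .= " AND a.weight <= " . intval($this->input['end_weight']);
    }

    if ($this->input['outlink'] == 1) {
        $condition .= " AND a.outlink != '' ";
    }
    if ($this->input['outlink_status']) {
        switch ($this->input['outlink_status']) {
            case 1:
                $condition .= " AND a.outlink != '' ";
                break;
            case 2:
                $condition .= " AND a.outlink = '' ";
                break;
        }
    }

    // Preset publish-time windows.
    if ($this->input['date_search']) {
        $today = strtotime(date('Y-m-d'));
        $tomorrow = strtotime(date('Y-m-d', TIMENOW + 24 * 3600));
        switch (intval($this->input['date_search'])) {
            case 1:
                // Any time
                break;
            case 2:
                // Yesterday
                $yesterday = strtotime(date('y-m-d', TIMENOW - 24 * 3600));
                $condition .= " AND a.create_time > '" . $yesterday . "' AND a.create_time < '" . $today . "'";
                break;
            case 3:
                // Today
                $condition .= " AND a.create_time > '" . $today . "' AND a.create_time < '" . $tomorrow . "'";
                break;
            case 4:
                // Last 3 days
                $last_threeday = strtotime(date('y-m-d', TIMENOW - 2 * 24 * 3600));
                $condition .= " AND a.create_time > '" . $last_threeday . "' AND a.create_time < '" . $tomorrow . "'";
                break;
            case 5:
                // Last 7 days
                $last_sevenday = strtotime(date('y-m-d', TIMENOW - 6 * 24 * 3600));
                $condition .= " AND a.create_time > '" . $last_sevenday . "' AND a.create_time < '" . $tomorrow . "'";
                break;
            default:
                // Any time
                break;
        }
    }

    // Article state.
    if (isset($this->input['status'])) {
        switch (intval($this->input['status'])) {
            case 0:
                $condition .= " ";
                break;
            case 1:
                // Awaiting review
                $condition .= " AND a.state= 0";
                break;
            case 2:
                // Approved
                $condition .= " AND a.state = 1";
                break;
            case 3:
                // Rejected
                $condition .= " AND a.state = 2";
                break;
            default:
                break;
        }
    }

    // Has image?
    if (isset($this->input['is_img'])) {
        switch (intval($this->input['is_img'])) {
            case 1:
                // No restriction
                $condition .= " ";
                break;
            case 2:
                // Without image
                $condition .= " AND a.is_img = 0";
                break;
            case 3:
                // With image
                $condition .= " AND a.is_img = 1";
                break;
            default:
                break;
        }
    }

    // Has attachment?
    if (isset($this->input['is_affix'])) {
        switch (intval($this->input['is_affix'])) {
            case 1:
                // No restriction
                $condition .= " ";
                break;
            case 2:
                // Without attachment
                $condition .= " AND a.is_affix = 0";
                break;
            case 3:
                // With attachment
                $condition .= " AND a.is_affix = 1";
                break;
            default:
                break;
        }
    }

    // Has video?
    if (isset($this->input['is_video'])) {
        switch (intval($this->input['is_video'])) {
            case 1:
                // No restriction
                $condition .= " ";
                break;
            case 2:
                // Without video
                $condition .= " AND a.is_video = 0";
                break;
            case 3:
                // With video
                $condition .= " AND a.is_video = 1";
                break;
            default:
                break;
        }
    }

    // Exclude automatic drafts.
    $condition .= " AND a.state != -1";

    // Filter by publish-library column.
    if ($this->input['pub_column_id']) {
        include_once ROOT_PATH . 'lib/class/publishconfig.class.php';
        $publishconfig = new publishconfig();
        // NOTE(review): pub_column_id is handed to get_column_by_ids() unchanged;
        // that method is not visible here, so confirm it validates the id list.
        $pub_column_id = $publishconfig->get_column_by_ids('id, childs', $this->input['pub_column_id']);
        $column_id = array();
        foreach ((array) $pub_column_id as $k => $v) {
            $column_id[] = $v['childs'];
        }
        $column_id = implode("','", $column_id);
        if ($column_id) {
            $condition .= " AND pc.column_id IN('" . $column_id . "')";
        }
        $condition .= " GROUP BY a.id";
    }
    return $condition;
}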
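/**
 * Build the WHERE-clause tail for the contribute list query.
 *
 * Combines permission scoping with the request filters (keyword, user,
 * category, audit state, time range, reporter submissions, follow flag).
 * Every request value that ends up in the SQL text is cast to an integer or
 * escaped at the point of concatenation.
 *
 * @return string SQL fragment made of " AND ..." terms
 */
function get_condition()
{
    $condition = '';

    // Saved search tag: copy its stored values over the request input.
    if ($this->input['searchtag_id']) {
        $searchtag = $this->searchtag_detail(intval($this->input['searchtag_id']));
        foreach ((array) $searchtag['tag_val'] as $k => $v) {
            if (in_array($k, array('_id'))) {
                // Keep the category picked in the left sidebar effective.
                continue;
            }
            $this->input[$k] = hg_clean_value($v);
        }
    }

    /************** Permission scoping: start **************/
    if ($this->user['group_type'] > MAX_ADMIN_TYPE) {
        if (!$this->user['prms']['default_setting']['show_other_data']) {
            // Not allowed to see other users' data.
            $condition .= ' AND c.user_id = ' . $this->user['user_id'];
        } elseif ($this->user['prms']['default_setting']['show_other_data'] == 1 && $this->user['slave_org']) {
            // Data inside the user's organisation.
            $condition .= ' AND c.org_id IN (' . $this->user['slave_org'] . ')';
        }
        if ($authnode = $this->user['prms']['app_prms'][MOD_UNIQUEID]['nodes']) {
            $authnode_str = $authnode ? implode(',', $authnode) : '';
            if ($authnode_str === '0') {
                $condition .= ' AND c.sort_id IN(' . $authnode_str . ')';
            }
            if ($authnode_str) {
                // Append the cast value, not the raw input: the truthiness test
                // on intval() alone does not make the raw string numeric.
                $authnode_str = intval($this->input['_id']) ? $authnode_str . ',' . intval($this->input['_id']) : $authnode_str;
                $sql = 'SELECT id,childs FROM ' . DB_PREFIX . 'sort WHERE id IN(' . $authnode_str . ')';
                $query = $this->db->query($sql);
                $authnode_array = array();
                while ($row = $this->db->fetch_array($query)) {
                    $authnode_array[$row['id']] = explode(',', $row['childs']);
                }
                $authnode_str = '';
                // Defined up front so array_intersect() below always receives an array.
                $node_father_array = array();
                foreach ($authnode_array as $node_id => $n) {
                    if ($node_id == intval($this->input['_id'])) {
                        $node_father_array = $n;
                        if (!in_array(intval($this->input['_id']), $authnode)) {
                            continue;
                        }
                    }
                    $authnode_str .= implode(',', $n) . ',';
                }
                $authnode_str = in_array('0', $authnode) ? $authnode_str . '0' : trim($authnode_str, ',');
                if (!$this->input['_id']) {
                    $condition .= ' AND c.sort_id IN(' . $authnode_str . ')';
                } else {
                    $authnode_array = explode(',', $authnode_str);
                    if (!in_array($this->input['_id'], $authnode_array)) {
                        if (!($auth_child_node_array = array_intersect($node_father_array, $authnode_array))) {
                            $this->errorOutput(NO_PRIVILEGE);
                        }
                        $condition .= ' AND c.sort_id IN(' . implode(',', $auth_child_node_array) . ')';
                    }
                }
            }
        }
    }
    /************** Permission scoping: end **************/

    if ($this->input['key']) {
        // urldecode() runs after the framework's input cleaning, so quote
        // characters that were still percent-encoded during cleaning only
        // appear here. Escape after decoding, not before.
        // NOTE(review): addslashes() is not charset-aware; prefer the database
        // layer's own escaping or bound parameters if it offers them.
        $condition .= ' AND c.title LIKE "%' . addslashes(trim(urldecode($this->input['key']))) . '%"';
    }
    if ($this->input['user_name']) {
        $condition .= ' AND c.user_name = "' . addslashes(trim($this->input['user_name'])) . '"';
    }

    // Category / audit filters. These values sit unquoted in the SQL, so each
    // one is cast to an integer where it is concatenated.
    if ($this->input['contribute_sort'] && intval($this->input['contribute_sort']) != -1) {
        $condition .= ' AND c.sort_id = ' . intval($this->input['contribute_sort']);
    }
    if ($this->input['contribute_sort_audit'] && $this->input['contribute_sort_audit'] != -1) {
        $condition .= ' AND c.audit = ' . intval($this->input['contribute_sort_audit']);
    }
    if ($this->input['_id']) {
        $condition .= ' AND c.sort_id = ' . intval($this->input['_id']);
    }

    // Time range. intval() keeps the SQL well-formed when strtotime() cannot
    // parse the value and returns false.
    if ($this->input['start_time']) {
        $start_time = intval(strtotime(trim(urldecode($this->input['start_time']))));
        $condition .= " AND c.create_time >= " . $start_time;
    }
    if ($this->input['end_time']) {
        $end_time = intval(strtotime(trim(urldecode($this->input['end_time']))));
        $condition .= " AND c.create_time <= " . $end_time;
    }

    // Preset time windows.
    if ($this->input['contribute_sort_time']) {
        $today = strtotime(date('Y-m-d'));
        $tomorrow = strtotime(date('y-m-d', TIMENOW + 24 * 3600));
        switch (intval($this->input['contribute_sort_time'])) {
            case 1:
                // Any time
                break;
            case 2:
                // Yesterday
                $yesterday = strtotime(date('y-m-d', TIMENOW - 24 * 3600));
                $condition .= " AND c.create_time > " . $yesterday . " AND c.create_time < " . $today;
                break;
            case 3:
                // Today
                $condition .= " AND c.create_time > " . $today . " AND c.create_time < " . $tomorrow;
                break;
            case 4:
                // Last 3 days
                $last_threeday = strtotime(date('y-m-d', TIMENOW - 2 * 24 * 3600));
                $condition .= " AND c.create_time > " . $last_threeday . " AND c. create_time < " . $tomorrow;
                break;
            case 5:
                // Last 7 days
                $last_sevenday = strtotime(date('y-m-d', TIMENOW - 6 * 24 * 3600));
                $condition .= " AND c.create_time > " . $last_sevenday . " AND c.create_time < " . $tomorrow;
                break;
            default:
                // Any time
                break;
        }
    }

    // Reporter submissions from the mobile news client: the first
    // comma-separated field on each line of reporter.txt is a user id.
    if ($this->input['contribute_sort_report']) {
        $data = file_exists(DATA_DIR . 'reporter.txt') ? (string) file_get_contents(DATA_DIR . 'reporter.txt') : '';
        $reporter_ids = array();
        foreach (explode("\n", $data) as $value) {
            $newdata = explode(',', $value);
            $first = trim($newdata[0]);
            // Skip blank lines and cast, so the file content cannot produce an
            // empty or non-numeric entry in the IN() list.
            if ($first !== '') {
                $reporter_ids[] = intval($first);
            }
        }
        if ($reporter_ids) {
            // Leading space added: the fragment is appended directly after
            // whatever term came before it.
            $condition .= ' AND c.user_id in (' . implode(',', $reporter_ids) . ')';
        } else {
            // No reporters configured: match nothing instead of emitting "in ()".
            $condition .= ' AND 1 = 0';
        }
    }
    if ($this->input['contribute_is_follow']) {
        $condition .= " AND c.is_follow = " . intval($this->input['contribute_is_follow']);
    }

    // Comma-separated id lists: every element is cast before the list is rebuilt.
    if ($this->input['other_show_id']) {
        $condition .= " and c.sort_id in (" . implode(',', array_map('intval', explode(',', $this->input['other_show_id']))) . ") ";
    }
    if ($this->input['other_audit_id']) {
        $condition .= " and c.audit in (" . implode(',', array_map('intval', explode(',', $this->input['other_audit_id']))) . ") ";
    }
    return $condition;
}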
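// Bootstrap: load configuration and shared libraries, then create the global
// template, cache, database and input objects.
if (SCRIPT_NAME != 'install' && !@(include ROOT_PATH . 'conf/config.php')) {
    // No configuration yet: send the browser to the installer and stop here.
    // Without the exit the rest of the bootstrap would keep running
    // unconfigured after the redirect header was queued.
    header('Location:./install/');
    exit;
}
require ROOT_PATH . 'conf/template.conf.php';
if (DEBUG_MODE) {
    define('STARTTIME', microtime());
    define('MEMORY_INIT', memory_get_usage());
    include ROOT_PATH . 'lib/func/debug.php';
}
require ROOT_PATH . 'lib/func/functions.php';
require ROOT_PATH . 'lib/func/functions_ui.php';
require ROOT_PATH . 'lib/class/functions.class.php';
require ROOT_PATH . 'lib/ui.base.php';
require ROOT_PATH . 'lib/templates/template.php';
// Optional proxy configuration; a missing file is tolerated.
@(include ROOT_PATH . 'conf/proxy.conf.php');

// The Referer header is client-controlled and may be absent. It is cleaned
// once here; REFERRER must still be escaped for the context it is printed in
// and must not be relied on for access decisions.
$_SERVER['HTTP_REFERER'] = hg_clean_value(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
define('REFERRER', $_SERVER['HTTP_REFERER']);

$gTpl = new Templates($gProxyConf);
if (DEVELOP_MODE) {
    $gTpl->setTemplateVersion('');
} else {
    $gTpl->setTemplateVersion(SOFTVAR . '/' . $gGlobalConfig['version']);
}
$gTpl->addVar('gProxyConf', $gProxyConf);
$gCache = new class_functions();
if (defined('WITH_DB') && WITH_DB) {
    $gDB = hg_checkDB();
}
$_INPUT = hg_init_input();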
/**
 * Recursively normalise request input.
 *
 * Keys are passed through hg_clean_key() and scalar values through
 * hg_clean_value(); nested arrays are processed by a recursive call.
 * Those helpers are defined elsewhere, so what they strip or encode is not
 * visible here. Values that later reach SQL still need context-specific
 * escaping or casting at the point of use.
 *
 * @param array $data Input to clean; the default hands the choice of source to or_get()
 * @return array Cleaned copy with the same nesting
 */
function hg_init_input($data = array())
{
    // NOTE(review): or_get() is defined elsewhere; presumably it returns $data
    // when that is non-empty and the merged $_GET/$_POST otherwise. If so, an
    // empty nested array reaching the recursive call below would be replaced by
    // the whole request. Confirm against or_get().
    $source = or_get($data, array_merge($_GET, $_POST));

    $cleaned = array();
    foreach ($source as $name => $value) {
        $safe_name = hg_clean_key($name);
        if (is_array($value)) {
            $cleaned[$safe_name] = hg_init_input($value);
        } else {
            $cleaned[$safe_name] = hg_clean_value($value);
        }
    }
    return $cleaned;
}